Re: Integrity checking NANOBSD images
- From: "R. B. Riddick" <arne_woerner@xxxxxxxxx>
- Date: Tue, 11 Jul 2006 13:45:21 -0700 (PDT)
--- Poul-Henning Kamp <phk@xxxxxxxxxxxxxx> wrote:
Arming a trojan to just do 'sleep 145 ; echo "sha256 = 0248482..."'But what if the trojan copies its files to the RAM disc and waits for this
when you thing you're running sha256 would be trivia.
sha256 binary showing up? And then, when it is there, it removes its changes on
the hard disc (those changes certainly must be in unused (formerly zeroed)
areas of the hard disc or in the (zeroed) end of certain shell scripts... Or do
I miss something?
Wasn't is usual some years ago to switch the boot disc hardware to "read only"
mode? I dont know how to do that, but my source seemed to be trustworthy
(although I never saw him - I just heard his voice...)... ;-))
A switch like on those 1.44'' floppy discs would be good...
But then software/OS updates would require physical access to the box...
-Arne
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Integrity checking NANOBSD images
- From: Mike Tancsa
- Re: Integrity checking NANOBSD images
- From: Poul-Henning Kamp
- Re: Integrity checking NANOBSD images
- References:
- Re: Integrity checking NANOBSD images
- From: Poul-Henning Kamp
- Re: Integrity checking NANOBSD images
- Prev by Date: Re: Integrity checking NANOBSD images
- Next by Date: Re: Integrity checking NANOBSD images
- Previous by thread: Re: Integrity checking NANOBSD images
- Next by thread: Re: Integrity checking NANOBSD images
- Index(es):
Relevant Pages
|
